A joint alert issued on September 22nd, 2021 by the FBI and CISA says that the Conti ransomware has become highly active in recent months: their analysis showed that the gang spreading the malware was involved in over 400 attacks on companies operating in the United States and abroad.
By launching spear phishing campaigns, stealing RDP credentials, conducting phone call related scams and distributing fake software, Conti has kept its money bells ringing throughout this year, and that was confirmed by a spokesperson from the Cybersecurity and Infrastructure Security Agency (CISA).
So, the federal agency is urging the C-level staff of public and private networks to focus more on safeguarding their IT infrastructure with proactive measures: installing email filters and phishing detection software, protecting their remote desktop platforms by fixing their vulnerabilities or at least disconnecting them when not in use, performing regular backups that are useful at the time of disaster recovery, and creating awareness among the staff of maintaining cyber hygiene while they are online.
Note: Conti is known as one of the ruthless ransomware gangs, after REvil, and is often seen targeting healthcare service providers, 911 dispatch carriers, emergency medical services and law enforcement agencies, including police control rooms and response centres. The gang indulges in double extortion tactics after infecting Microsoft Windows machines and, since 2020, is usually seen demanding ransoms in the millions. CTI in Latin means Conte, an attendee or retinue to an Emperor/King.